CVE-2005-1527 (retired)

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, whena URLPlugin is enabled, allows remote attackers to execute arbitrary Perlcode via the HTTP Referrer, which is used in a $url parameter that isinserted into an eval function call.